Cybersecurity First Principles: resilience.
This is the fourth show in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles. The first show explained what first principles are in general and what the very first principle should be for any infosec program. The second show discussed zero trust. The third show covered intrusion kill chains. This show will cover resilience.
References:
- "Chaos Engineering: Open-sourcing Netflix’s chaos generator, Chaos Monkey,” by Cloud_Freak, Medium, 8 September 2019, last visited 30 April 2020
- “Congressional Report Slams OPM on Data Breach,” by Brian Krebs, KrebsOnSecurity, 7 September 2016, last visited 30 May 2020
- “Compare and contrast business resilience vs. business continuity,” by Paul Kirvan, TechTarget, 29 January 2020, last visited 30 May 2020
- "Cyber Resilience – Fundamentals for a Definition,” by Fredrik Björck, Martin Henkel, Stockholm University, Janis Stirna, Jelena Zdravkovic, Stockholm University, Article in Advances in Intelligent Systems and Computing, January 2015, last visited 30 April 2020
- “EXPLORING THE EVOLUTION OF BUSINESS CONTINUITY MANAGEMENT,” by DENOVO Blog, 31 May 31 2018, last visited 30 May 2020
- "Jon Snow’s Plan for the Battle of Winterfell Has a Crucial Flaw, But Is It Doomed?" By Ian Graber-Stiehl, Vulture.com, 26 April 2019, last visited 30 April 2020
- "Partnering for Cyber Resilience,” by The World Economic Forum, 2012, Last Visited 30 April 2020
- "Presidential Policy Directive 21: Critical Infrastructure Security and Resilience,” President Obama, 12 February 2013, last visited 30 April 2020
- "The Maginot Line: France's Defensive Failure in World War II," by By Robert Wilde, ThoughtCo, 30 March 2018, last visited 30 April 2020
- “Site Reliability Engineering: How Google Runs Production Systems,” By Betsy Beyer, Chris Jones, Jennifer Petoff, and Niall Richard Murphy, Google Landing Page, O’Reilly Media, 16 April 2016, last visited 2 September 2017
- “Organizational Resilience: Security, Preparedness, and Continuity Management Systems -- Requirements with Guidance for Use, ASIS SPC.1-2009” by ASIS International, 2009, last visited 30 May 2020
- “Security and resilience — Organizational resilience — Principles and attributes: ISO 22316:2017(en),” by ISO, 2017, last visited 30 May 2020
- “The Cybersecurity Canon: No Place to Hide (Part 1),” by Rick Howard, Palo Alto Networks, 15 July 2014, last visited 30 May 2020
- “The Cybersecurity Canon: No Place to Hide (Part 2),” by Rick Howard, Palo Alto Networks, 16 July 2014, last visited 30 May 2020